Deck 6: Firewalls
1
Firewalls will drop ________.
A) suspicious packets
B) provable attack packets
C) Both A and B
D) Neither A nor B
B
2
Almost all main border firewalls use ________ filtering as their primary filtering mechanism.
A) unified threat management
B) application proxy
C) static packet filtering
D) None of the above
D
3
In ________ filtering, the firewall examines packets entering the network from the outside.
A) ingress
B) egress
C) Both A and B
D) Neither A nor B
A
4
Static packet filtering is sometimes used ________.
A) as a secondary filtering mechanism on an application proxy firewall
B) on border routers
C) Both A and B
D) Neither A nor B
5
An internal firewall sits at the boundary between the corporate site and the Internet.
6
If a firewall receives a packet that is suspicious, it will drop and log the packet.
7
Static packet filtering firewalls are limited to ________.
A) inspecting packets for which there are good application proxy filtering rules
B) inspecting packets in isolation from their context
C) Both A and B
D) Neither A nor B
8
In ________ filtering, the firewall filters packets when they are leaving the network.
A) ingress
B) egress
C) Both A and B
D) Neither A nor B
9
In ingress filtering, the firewall examines packets entering the network from the outside, typically from the Internet.
10
Wire speed is the maximum speed at which a firewall can filter packets.
11
A ________ firewall handles all traditional firewall functions (SPI, ACLs, etc.) as well as additional security functions such as antivirus filtering, spam filtering, application proxy filtering, and so forth.
A) unified threat management
B) stateful packet inspection
C) static packet inspection
D) None of the above
12
SPI firewalls can conduct ________ inspection.
A) stateful packet
B) static packet filtering
C) Both A and B
D) Neither A nor B
13
If a firewall has to drop packets because it cannot keep up with traffic volume, this is ________.
A) good because it will prevent possible attack packets from entering the network
B) bad because valid, non-attack packets will be dropped and this will effectively create a self-generated DoS attack
C) Both A and B
D) Neither A nor B
14
________ firewalls filter traffic passing between different parts of a site's network.
A) Border
B) Internal
C) Intermediate
D) None of the above
15
A connection opening is a state.
16
A border firewall sits at the boundary between the corporate site and the external Internet.
17
If a firewall receives a suspicious packet, the firewall will ________.
A) log the packet
B) drop the packet
C) Both A and B
D) Neither A nor B
18
If a firewall receives a provable attack packet, the firewall will ________.
A) log the packet
B) drop the packet
C) Both A and B
D) Neither A nor B
19
The purpose of egress firewall filtering is to stop attack packets from entering the firm's internal network.
20
If a firewall cannot keep up with traffic volume, it will ________.
A) continue passing all packets but slow operation
B) drop packets it cannot process
C) pass any packets it cannot filter
D) shut down, failing safely
21
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a new packet arrives that does not attempt to open a connection.
22
Both TCP and UDP can be used by an application.
23
A connection designates a specific program designated by a port number on a specific computer's IP address.
24
The last egress ACL rule in a border firewall is DENY ALL.
25
A socket designates a specific program designated by a port number on a specific computer's IP address.
26
What is the SPI firewall rule for packets that only have their TCP ACK bits set but no other flags set?
A) Drop the packet unless it is permitted by an ACL
B) Pass the packet unless it is forbidden by an ACL
C) Pass the packet if it is part of a previously approved connection
D) Either A or B
27
A ________ is a persistent conversation between different programs on different computers.
A) connection
B) state
C) Both A and B
D) Neither A nor B
28
Ingress ACL rules typically permit a specific type of internally originated connection to outside resources.
29
Ingress ACL rules typically permit a specific type of externally originated connection to network resources.
30
A ________ port number designates a specific application running on a server.
A) well-known
B) ephemeral
C) Both A and B
D) Neither A nor B
31
Most packets are part of the ________ state.
A) connection opening
B) connection closing
C) Both A and B
D) Neither A nor B
32
SPI firewalls cannot handle UDP communications because UDP is connectionless.
33
A state is a distinct phase in a connection between two applications.
34
What is the SPI firewall rule for packets that do not attempt to open connections?
A) Drop the packet unless it is permitted by an ACL
B) Pass the packet unless it is forbidden by an ACL
C) Pass the packet if it is part of a previously approved connection
D) Either A or B
35
Which of the following is one of the two simple DEFAULT SPI firewall rules for packets that attempt to open connections?
A) Permit all attempts to open a connection from an internal host to an external host
B) Permit all attempts from external hosts to open a connection with an internal host
C) Both A and B
D) Neither A nor B
36
SPI filtering for packets that are part of ongoing communications is usually simple.
37
A connection between two programs on different computers is represented by its ________.
A) pair of IP addresses
B) pair of port numbers
C) pair of sockets
D) None of the above
38
It is better to have an ACL that permits access to a single internal webserver than one that allows access to all internal webservers.
39
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a new packet arrives that attempts to open a connection.
40
SPI firewalls can handle both ICMP and UDP.
41
If you will proxy 8 different applications, you will need ________ proxy programs.
A) 2
B) 4
C) 6
D) 8
42
Application proxy firewalls can always examine application layer content.
43
The combination of high safety and low cost makes SPI firewalls extremely popular.
44
IDSs tend to issue many false negatives.
45
Automatic protections for application proxy firewalls include ________.
A) protocol fidelity
B) header destruction
C) Both A and B
D) Neither A nor B
46
________ drop packets.
A) Firewalls
B) IDSs
C) Both A and B
D) Neither A nor B
47
Stateful packet inspection firewalls use relay operation with two connections per client/server pair.
48
________ firewalls always examine application messages in depth.
A) Static packet filtering
B) SPI
C) Application proxy
D) All of the above
49
Today, application proxy firewalls are commonly used ________.
A) to protect internal clients from malicious external servers
B) as main border firewalls
C) Both A and B
D) Neither A nor B
50
Stateful packet inspection firewalls are ________.
A) expensive
B) fairly safe in practice
C) Both A and B
D) Neither A nor B
51
If you will proxy four different applications, how many proxy programs will you need?
A) 1
B) 2
C) 4
D) 8
52
NAT is able to stop ________.
A) scanning probes
B) sniffers from learning anything about the internal IP address of internal hosts
C) Both A and B
D) Neither A nor B
53
There is(are) ________ NAT traversal method(s).
A) 1
B) 2
C) 7
D) several
54
Attacks other than application level attacks usually fail to get through SPI firewalls.
55
Main border firewalls rarely use stateful packet inspection.
56
The NAT firewall places only the internal socket in the translation table.
57
Nearly all applications can be proxied effectively.
58
Nearly all main border firewalls today use ________ filtering.
A) unified threat management
B) stateful packet inspection
C) static packet inspection
D) All of the above
59
An application proxy firewall needs to have multiple proxy programs if it is to filter multiple application protocols.
60
Stateful packet inspection firewalls ________.
A) always do application content filtering
B) have the slow speed of relay operation
C) Both A and B
D) Neither A nor B
61
After an antivirus server performs filtering, it may ________.
A) drop the object
B) send the object to the firewall to pass to the destination
C) pass the object to the destination directly
D) All of the above
62
Firewall policies should govern ________.
A) configuration
B) testing
C) Both A and B
D) Neither A nor B
63
If an IPS identifies an attack, it can ________.
A) drop the attack packet(s)
B) limit suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B
D) Neither A nor B
64
Which IPS response to an attack can do the most damage?
A) Dropping packets
B) Limiting suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B do equal amounts of damage
D) Neither A nor B
65
In a firewall policy database, the source field and destination field are fairly explanatory.
66
IDSs need to filter individual packets rather than packet streams.
67
The firewall should go through vulnerability testing after each change.
68
________ drop packets.
A) IDSs
B) IPSs
C) Both A and B
D) Neither A nor B
69
Bandwidth limitation for certain types of traffic is less risky than dropping packets.
70
Firewall appliances need little or no hardening before they are installed.
71
Which IPS response to an attack is the most effective in stopping attacks?
A) Dropping packets
B) Limiting suspicious traffic to a certain percentage of the total bandwidth
C) Both A and B are equally effective
D) Neither A nor B
72
Antivirus servers can look for ________.
A) viruses
B) worms
C) Trojan horses
D) All of the above
73
Centralized firewall management systems automatically create ACLs from policies.
74
IDSs drop packets that are merely suspicious.
75
Antivirus servers can only find viruses, not other types of malware.
76
What type of filtering do IDSs do?
A) Deep packet inspection
B) SPI filtering
C) Both A and B
D) Neither A nor B
77
What type of filtering do IDSs do?
A) Packet stream analysis
B) SPI filtering
C) Both A and B
D) Neither A nor B
78
Firewalls do not stop provable attack packets.
79
What type of filtering do UTM firewalls provide?
A) IDS Service
B) Antivirus filtering
C) Both A and B
D) Neither A nor B
80
________ do not drop packets.
A) IDSs
B) IPSs
C) Firewalls
D) All of the above drop packets.